PRIVACY POLICY

Last updated 26 March 2018

Please contact Stepsoft if you have any questions about this policy. Please also read our Terms which forms part of your agreement with Stepsoft.

Privacy, security and integrity of data are of fundamental importance to Stepsoft. The privacy and protection of Your data and that of Your clients is of utmost importance and at Stepsoft we make every effort to ensure that all data held within Foxtrot is safe, secure and protected from unauthorised access at all times and that all data is backed up in accordance with best practises.

Please read this Policy carefully. It will help You make informed decisions about sharing Your personal information with us.

The defined terms in this Policy have the same meaning as in our Terms of Use, which You should read together with this Policy. By signing up to use Foxtrot, You consent to the terms of this Policy and agree to be bound by it and our Terms of Use.

What information does Stepsoft collect?

We collect the minimum amount of Your details that we need in order to provide You with the Foxtrot system, delivered as an online service over the Internet. This information will include contact details such as your name, billing address, email address, phone number, organisation and other relevant details for the purposes of delivering the Foxtrot system to you. We also collect billing information so we can send you electronic invoices. This information can include Your bank account details where payment by direct debit (if offered) is the preferred payment method. We do not store your credit card details at this point in time since we do not offer payment of Foxtrot by credit card at this stage. This may change in the future.

Other information that we collect includes all relevant communication with You including a history of contacts, support cases, invoicing and payment history.

When do we collect information?

We collect most of what we need when you register to use Foxtrot. We also collect logs of certain types of system activity, such as user login access, for security and user behaviour analysis reasons that will help us improve Foxtrot. We may also on occasions log other activity for debugging purposes in order to assist with bug fixes that may be found in the system.

Who has access to the information collected?

Qualified and professional Stepsoft development, technical and support staff may need access to the information collected from time to time to help resolve problems, to implement new features, or to provide technical and user support. We do not access any of Your information or any of Your client’s information held in Foxtrot unless there is a genuine need which cannot be resolved any other way.

Who do we pass on the information to?

All data in Foxtrot is held in absolute confidence and treated as Private and Confidential. Unless required by law, we do not pass on information to any 3rd party for any reason whatsoever. We do not sell information to third party marketers or other parties for any reason. Your data is only seen by You or your authorised representatives, or on occasions by technical staff at Stepsoft for the reasons outlined above.

Where is the information in Foxtrot stored?

Stepsoft uses Amazon Web Services (AWS), the world’s leading Infrastructure as a Service provider as its hosting infrastructure platform. All data in Foxtrot, including Your data and that of Your clients is stored on Virtual Servers provided by Amazon. Currently all data in Foxtrot is held at Amazon’s Sydney data centre. Stepsoft may or may not change this location or use multiple locations in the future as the business expands.

Who owns the data held in Foxtrot?

You own Your data, Stepsoft owns the Intellectual Property in the Foxtrot system. Intellectual Property is as defined in our Terms and Conditions and includes all meta-data and system data held in the Foxtrot database that is required for the system to operate.

Do we use Cookies?

We use cookies in Foxtrot to preserve and remember certain system information between and during Foxtrot sessions to make the system easier and more convenient to use. We do not store any personal data in cookies.

What other measures does Stepsoft take to protect data privacy?

Stepsoft uses 128 bit SSL encryption to ensure that all data entered by You into Foxtrot is transmitted securely over the Internet. Stepsoft has many other layers of protection that include:

128 bit SSL encryption

Physical security is provided by the world class facilities of Amazon Web Services at its Sydney Data Centre.

Foxtrot can only be accessed by authorised users with a Stepsoft issued user ID and password. You control who has access to Your implementation of Foxtrot, assisted and advised by Stepsoft as requested.

Stepsoft keeps a log of all logins to the system: who logged in and when, who logged out and when.

Foxtrot will time out and disconnect an inactive user session after a defined period of time. That time is usually 15 minutes but is configurable by Stepsoft for each Foxtrot client on request.

Foxtrot maintains a data audit trail of important changes to the data held in the system. This is done for security purposes and to identify misuse of the system should it occur. It tracks what data was updated, when and by whom. Which data items are tracked is configurable. As a minimum changes to contact details such as address, phone and email details are tracked as are changes to financial details. Please contact Stepsoft if further details is required.

Stepsoft staff must all adhere to this policy to protect the data of our clients at all times.

Stepsoft employs experienced software developers and database experts to ensure the integrity of the data is maintained at all times and is not subject to corruption of any type. Extensive software testing before releases also ensures that data integrity and data quality is not compromised with the release of new versions, modules or features.

What are Your responsibilities?

You are responsible for ensuring that Your and any of Your authorised Foxtrot users follow sound login and password protection policies. Stepsoft does not accept any responsibility for any breaches of privacy resulting from inadequate policies and procedures implemented by You.

What happens if a breach occurs?

Since Stepsoft’s inception in 1998 there has never been a privacy breach. However, should a privacy breach occur and Stepsoft becomes aware of it then we will work diligently with You to resolve the matter in the quickest and most efficient way possible and to implement any necessary changes to ensure that such a breach does not occur again.

Further Information

Please contact Stepsoft by email to md@stepsoft.com.au should further information be required about Stepsoft’s Privacy Policy or about Stepsoft’s Terms and Conditions. Both policies are reviewed and amended as required periodically.